My Gmail Account got Hacked – What to do and How to Prevent This?

I admit it; my email is my life, my second name, my license plate in the online world. My PayPal account is associated with it, and all my online jobs point to that email. I thought that setting up a password 50 characters long would be enough, but I had chosen only words and numbers. That’s how I almost got hacked.

Another huge mistake that I made was to be logged in all the time. This is silly, especially when you’re basically living online, like I do. That’s when I realized that I depend so much on Google. I use Google Reader, Google News, Google Calendar, Google Books, Google+, Adsense and other products. You may ask, why do I use them? Well, because they are good, simple and they suit my needs.

So, how did the hack happen? Was I dumb enough to let a foreigner destroy my online identity, or do you simply become an easy target for them as your activity on the web grows? How do big bloggers protect their email accounts, one could ask? I know many that use the same, basic Gmail account. Why don’t their accounts get hacked?

The Basics of Your Gmail Account Security

First of all, you need to set up a strong password, and by strong I mean one that uses not only letters and numbers but also symbols like these: “*, /, #, ^, &, -, +”. Make it quite long; I’d go for a minimum of 30 characters. After that, save your password somewhere on your computer in a .txt file, but don’t name it “password” or anything else that gives it away. If you’re afraid that your own computer could get hacked, then print your password and keep that small sheet in your wallet.

Also, if you are not sure what anti-virus or anti-spyware software to use, download the Google Pack and choose from there. It’s not wise to have multiple anti-virus programs installed, so pick one and you’re set. If you are still unsure, you can choose one of these free antivirus programs.

Remember, when you created your account, you were asked a security question and you also picked a secondary, recovery email address. Make sure that the secondary email address is also secured and has a solid password. It could be an email that you use to speak with your friends and family, or one created only as a back-up. Just make sure to have its login details printed on that important piece of paper as well.

Some Extra Steps You Must Take

Even if you have set up a solid password, don’t forget to change it. I am not sure how often, but for the sake of regularity, do it once a month. If you have a Gmail account, Google suggests updating your recovery email address, your phone number and your secret question.

Sure, once the hacker is in, he can change some of those things, but setting up the 2-step verification can make breaking in really hard for him. But even that can get tricky if you’re planning to travel for a long period. So, be careful to change your phone number before you leave. Yes, I know, taking care of your email is like taking care of a baby: it requires responsibility.

Also, make sure to check which websites have authorized access to your Gmail account, and check the POP/IMAP settings. The hacker could be stalking you and analyzing your moves (as he did with me), so be careful to check from time to time whether there is someone else logged into your account.

You can do this by clicking Details at the bottom right of your Gmail page. You can see there whether there is somebody else logged into your email account. What you wanna do is hit the sign out button.

Once you’re there, check if you see other geographical locations beside the ones from where you accessed your email.

After having signed out from all other locations, go to Mail Settings > Accounts and Import and see whether the hacker has left a “gift” for you in that section. Remove it if he has managed to get there. While you’re inside Mail Settings, why not check the https connection type as well?
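The settings review described above can also be scripted. The following Python code is an added example, not part of the original post: it assumes you have saved your settings as a dictionary shaped like the Gmail API settings resources (fetching them is not shown), and the function name audit_settings, the sample snapshot and every address in it are constructed for illustration. It covers the send-as and delegate entries as well as forwarding and POP/IMAP.

```python
# Added example: audit a saved snapshot of Gmail settings for entries an
# intruder may have left behind. Field names follow the Gmail API v1 settings
# resources; the snapshot and every address in it are constructed.

def audit_settings(snapshot, own_addresses):
    """Return (area, detail) findings that the account owner should review."""
    own = {a.lower() for a in own_addresses}
    findings = []

    def check(area, addr):
        # Flag any address that is set and does not belong to the owner.
        if addr and addr.lower() not in own:
            findings.append((area, addr))

    fwd = snapshot.get("autoForwarding", {})
    if fwd.get("enabled"):
        check("auto-forwarding", fwd.get("emailAddress"))
    for entry in snapshot.get("forwardingAddresses", []):
        check("forwarding address", entry.get("forwardingEmail"))
    for flt in snapshot.get("filters", []):
        check("filter forward", flt.get("action", {}).get("forward"))
    for ident in snapshot.get("sendAs", []):
        check("send-as", ident.get("sendAsEmail"))
        check("reply-to", ident.get("replyToAddress"))
    for delegate in snapshot.get("delegates", []):
        check("delegate", delegate.get("delegateEmail"))
    # POP and IMAP are legitimate when you use a mail client; report them so
    # that an unexpected "on" state is noticed.
    if snapshot.get("pop", {}).get("accessWindow", "disabled") != "disabled":
        findings.append(("POP", "enabled"))
    if snapshot.get("imap", {}).get("enabled"):
        findings.append(("IMAP", "enabled"))
    return findings


# Constructed snapshot of an account whose settings were tampered with.
SAMPLE = {
    "autoForwarding": {"enabled": True, "emailAddress": "drop@example.net"},
    "forwardingAddresses": [{"forwardingEmail": "drop@example.net"}],
    "filters": [{"id": "f1", "action": {"forward": "drop@example.net"}}],
    "sendAs": [{"sendAsEmail": "me@example.com", "isPrimary": True,
                "replyToAddress": "drop@example.net"}],
    "delegates": [],
    "pop": {"accessWindow": "allMail"},
    "imap": {"enabled": False},
}

if __name__ == "__main__":
    for area, detail in audit_settings(SAMPLE, ["me@example.com", "backup@example.com"]):
        print(f"REVIEW {area}: {detail}")
```

Anything the function reports is a prompt to look at that setting by hand; an address you recognise can simply be added to the list of your own addresses.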

What to do if You’ve Been Hacked

Luckily for me, I was near my computer at an early hour, which makes me suspect that the hacker was closely watching my activity, as he struck when I wasn’t expecting it – during the night. Obviously, I tried inserting my long password five times in a row, then even restarted my computer. After that, I cleared the web history and the cache. I suggest that you don’t repeat my errors, as this gives the hacker time to make all the changes inside your mail settings so that he can keep you from recovering your account. Act immediately, don’t wait.

You should remember some of the email contacts with whom you exchange emails quite often. Also, if you don’t have labels, then create some, because the support team will ask you about them during the recovery process.

In my case, the hacker was pretty clever and he changed the security question, the secondary email and even the phone number. I was quick to react and chose the “I no longer have access to these” option. After that, you will find a pretty detailed form where you will be asked about labels, email contacts and Google services that you use. You should indicate the approximate dates.

The Google support team’s answer arrived in less than 10 minutes and this saved my ass. I quickly recovered my email account and sighed.

How to Prevent The Hacking and Other Reminders

Right after recovering my account, I went for an 80-character password, with more than 30 symbols in it, then printed it along with the password for my secondary email, which is also a solid one. After that, I installed another anti-virus and a spyware; I chose something from the Google Pack, namely avast!, as I already have Super Anti Spyware. Then I went to the Gmail page details to see from where the jerk attacked, saw his IP and found his exact geographical location, but even if he’d managed to do some harm, I wouldn’t have known what to do against it, since an IP address is not a person.

I know I may sound like a broken record, but always check for viruses and malware, at least once per week, and make sure to update your security tools and also the operating system. You should be careful about your browser as well: check for third-party applications and always download the latest version. Chrome and Firefox are secure browsers, although Internet Explorer 9 has scored some nice security results as well.

Always check the attachments and don’t forget to back up your mail. Don’t read spam mails, and whenever spam hits your inbox, remember to mark it as spam so it will not annoy you anymore.

Also, don’t repeat the error of not logging out. But, the biggest mistake of them all is to believe that it can’t happen to you. It can and it will eventually if you’re not going to be extra careful about it.